Data

Data

The UK left the EU on 31 January 2020. A transition period, during which EU laws continue to apply in the UK, is due to end on 31 December 2020. The UK/EU Withdrawal Agreement sets out transitional arrangements and negotiations for the future UK/EU relationship are ongoing.

GDPR and Data Protection

Businesses should be aware that, from 1 January 2021, the UK GDPR will apply to most processing of personal data in the UK (although in some cases, where processing of data subjects in the EU takes place, the GDPR itself will also apply).

The UK GDPR, like the GDPR itself, reaffirms and enhances, sometimes significantly, the rights of citizens and consumers to access their data electronically, to have it corrected or deleted, and to scrutinise data processing. The penalties for non-compliance are potentially severe. Proper judgement and systems need to be applied to data collection, and if data is lost, rapid notification is critical. However, data is also a strategic issue. Choosing what data to collect, how to use it, and how to protect it can bring great benefits. The value of a business can be greatly increased by good data practice.

We advise our clients on how best to achieve their strategic objectives while complying with an evolving regulatory regime. For corporate clients we highlight gaps in compliance, explain how to implement the requisite policies and procedures, resolve incidents and repair reputations. For private clients we identify the most effective ways to exercise and enforce their rights.

Our group comprises experts in data protection, privacy and reputation management, as well as non-lawyer cyber security specialists. It allows us to cover the full spectrum of support and advice, and to do so from the forefront, advising clients on issues such as AdTech, enforcement of data subject rights and cyber security. 

  • Advising on GDPR compliance, including:
    • Policy review, gap analysis and data protection strategy
    • Preparing Data Protection Impact Assessments (DPIAs) Privacy Impact Assessments (PIAs), data protection policies and data processing agreements
    • Preparing Privacy Impact Assessments, data protection policies and data processing agreements
    • Review of cyber security processes and controls to protect data
    • Data breach procedures
    • Subject access request procedures and handling requests, responses, complaints and enforcement
    • Data portability procedures
    • Advising on direct marketing and compliance with privacy regulation
  • Multi-disciplinary approach to cyber security and data breaches
  • Managing claims before the Courts in relation to data protection, data theft and privacy issues, and investigations by the Information Commissioner's Office
  • Advising on issues of data protection and privacy in relation to reputation management

Mishcon de Reya is acting for a client, Jenny, seeking to challenge the legislation relating to the Foreign Account Tax Compliance Act ("FATCA") which she believes breaches her fundamental rights to data protection and privacy.

Under FATCA, banks are required to send all personal and financial information of any US citizens to US authorities on an annual basis independent of any actual US tax liability. All it takes is for an American citizen to have a bank account outside of America.

Our approach in summary.

How can we help you?

How can we help you?

Subscribe: I'd like to keep in touch

If your enquiry is urgent please call +44 20 3321 7000

Crisis Hotline

Emergency number:

COVID-19 Enquiry

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter your email address
Please enter your phone number
Please select a contact method

I'm a client

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter an email address
Please enter your phone number
Please enter a value

I'm looking for advice

Please enter your first name
Please enter your last name
Please enter your enquiry
Please select a department
Please enter your email address
Please enter your phone number
Please select a contact method

Something else

Please enter your first name
Please enter your last name
Please enter your enquiry
Please enter your email address
Please enter your phone number
Please select your contact method of choice